Upgrade to a XMPP server with XEP-0313 and XEP-0280

2017-04-202017-04-20Dllud asked a question...2017-04-202017-04-20

It's a pity that you didn't migrate the tickets from the old system. I hope you have a backup somewhere. Under this topic we had an interesting discussion that was still open and waiting for resolution.

Summing it up, Riseup's XMPP is showing some age and needs an upgrade. It misses several XEPs that are a must nowadays. For instance Message Carbons (XEP-0280) and Message Archive Management (XEP-0313), that provide inter-client message and history
syncronization. Check the full list at: https://gultsch.de/compliance_ranked.html

As it stands Riseup's XMPP server is only fit for the old model where each user had a single device and only took part in synchronous chats. Nowadays people expect Instant Messaging to be asynchronous and synchronized across all their devices.
XMPP clients like Conversations implement these new use cases and turned XMPP back into a viable option for the mainstream. It is bringing back people that had previously migrated to more centralized and even proprietary protocols because of the lack of features. However we now need server-side support across the ecosystem to keep the momentum going.

Flag Post for Review

We have the following page about this issue, but no movement for a while: https://we.riseup.net/riseup/xmpp

So, I will try to explain the situation we are in. We agree that some of these features enhance the chat experience so it does not matter what device you are using and enables you to switch between them seamlessly. We want to enforce encryption always, but at the same time we have users who are not using clients that play nicely with this (specifically, they don't support e2e encryption or do weird things that when there is an unknown key don't accept messages neither display a change of session or store OTR messages with carbon). Once we have that solved, we need to test that to make sure it works properly, and then there will of course be edge cases that might come up. At the moment, we con't have anyone who has figured out how to do that. So the switch is going to be painful, and we need to be focused on that to be able to write documentation and reply to support tickets on time and our energies are currently in other areas.

Some months ago we enabled some other extensions that didn't produce problems, but for file upload, mam and carbons encryption should be enforced.

In resume, we want to, we just need time to focus on this and it's not something we can turn on from one day to another